[Mailman-Users] Possibly OT: GDPR and list servers

Alain D D Williams addw at phcomp.co.uk
Wed May 9 10:05:13 EDT 2018


On Wed, May 09, 2018 at 02:39:09PM +0200, Julian H. Stacey wrote:

> Andrew Hodgson wrote:

> > Has anyone in the EU come across the GDPR guidelines in the context of Mailman?  We are a charity and run Mailman as part of that with some high traffic email lists.  I am getting a lot of conflicting information regarding whether we can even continue to do this in the current climate, most of it coming from half baked documents or different people's opinion, so I wanted to put it out there to see if there is anything that the community may have that we can use or help with in a co-ordinated way.

> GDPR seems the latest government imposed plague ** to consume
> business time unpaid, along with VAT etc.  Bigger companies can
> afford it, but for some small companies it's last nail in the coffin.

The attitude that I have taken with mail lists is that:

* all those on the list subscribed themselves - they thus, at that time,
gave their consent to mailman/list-owner to have their email address for the
purpose of sending email; also on the sign up page I mention list archiving,
etc.

* those on the list can unsubscribe themselves - a reminder of the list web page
is at the foot of every email.

Job done.

There is a lot of hype about the GDPR, much of it inflated by those who either
do not understand it or those who are selling DDPR 'services'. GDPR is not
designed to hit things like mailman lists, or web sites that do not collect and
process personal information. ''process'' is the important word - the fact that
someone's IP address ends up in your Apache logs is of little interest unless
you mechanically process them -- using them to track down some bug or attempt at
cracking the web site would not fall foul of GDPR.

Summary: play nice (ie don't be facebook) and you are probably OK.

> ** Remember the ISO 9000 certification plague ?  When industry
> threw out good equipment that wasn't ISO 9000; & even banks bored
> us they too were ISO 9000 method compliant. 

Yes. I just ignored it.

-- 
Alain Williams
Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer.
+44 (0) 787 668 0256  https://www.phcomp.co.uk/
Parliament Hill Computers Ltd. Registration Information: https://www.phcomp.co.uk/contact.php
#include <std_disclaimer.h>


More information about the Mailman-Users mailing list